The content below is taken from the original (New wearable tracker can transmit vital signs from a soft, tiny package), to continue reading please visit the site. Remember to respect the Author & Copyright.

The content below is taken from the original (Amazon UK now lets you easily convert cash into online credit), to continue reading please visit the site. Remember to respect the Author & Copyright.

The beauty of shopping online is that you can browse and buy without ever leaving the comfort of your sofa. Amazon accepts all major debit and credit cards online, but what if you’ve got a bundle of cash lying around you’d rather use instead? Enter "Amazon Top Up – In Store," a mouthful of a new service that lets you convert cash into online credit.

First, you’ll need to find a local shop, petrol station or what have you with a Paypoint register. These are the ones through which you can pay bills, renew your TV licence and add funds to your pay-as-you-go mobile or prepaid card then and there. Head to Amazon’s top-up site on your phone, or track down the equivalent page on the retailer’s mobile app, and grab yourself a unique barcode.

Get the shopkeeper to scan that barcode, hand over between £5 and £250, and it’ll immediately show up in your Amazon gift card balance. It’s tantamount to using the money to buy a gift card, but with less steps and thus, less hassle — but beware any deposits are non-refundable. You may remember Amazon launched a similar service in the US earlier this year, albeit with the catchier title of "Amazon Cash."

It may seem strange to go through this whole process when it’s infinitely more convenient to make card payments, but not everyone has a bank account and some people would still just rather not hand over financial details to a website. Amazon is in the business of selling stuff, so if there’s a demographic that can or will only use cash, you bet Amazon is gonna make sure they can spend it online.

Source: Amazon, Paypoint

The content below is taken from the original (Microsoft rolls its own hyperconverged appliance program), to continue reading please visit the site. Remember to respect the Author & Copyright.

Microsoft’s revealed it’s signed up several server vendors to make hyperconverged appliances running Windows Server natively.

Hyperconverged appliances have, to date, nearly always been about giving vSphere a nice place to live. But plenty of those who use vSphere in any environment do it to run Windows Server. Which is a little odd given that Redmond’s server platform includes Hyper-V for compute virtualization, VXLAN for network virtualization and plus Storage Spaces for software-defined storage.

Those three ingredients are the basis of any software-defined data centre and indeed also any hyperconverged appliance. That’s not passed Microsoft by, but the company has been rather busy getting Azure Stack out the door.

Now the company has revealed an effort called “Windows Server Software-Defined” that sees approved hardware partners offer “validated solutions” that wraps Windows Server into three packages, namely

• Hyper-Converged Infrastructure Standard: Compute and storage in one cluster;
• Hyper-Converged Infrastructure Premium: Billed as a “software-defined data center in a box” because it adds software-defined networking and Security Assurance features to HCI Standard.
• Software-Defined Storage: Software-defined storage built on commodity servers and billed as a replacement for standalone arrays, with support for all-flash NVMe configurations and scale-out.

HPE, Lenovo, Fujitsu, Supermicro and QCT have signed up as partners, as has Windows-centric software-defined storage concern DataON.

Will anyone care? The Register understands that Microsoft people and Redmond’s partners will all emerge with fatter pay packets if they sell Azure capacity rather than anything licensed to run on-premises. Microsoft’s also making rather more noise about Azure Stack than Windows Server these days. And let’s not forget that Hyper-V has been more-or-less free for years, yet VMware kept the majority of the virtualization and hyperconverged infrastructure markets.

The Register‘s virtualization desk therefore expects the Windows Server Software-Defined will be appreciated by some buyers, but won’t markedly change the hyperconverged infrastructure market. That’s Azure Stack’s job and when it lands in September it looks like doing it well. ®

Sponsored:
The Joy and Pain of Buying IT – Have Your Say

The content below is taken from the original (Sofa-jockeys given crack at virtual Formula 1 world championship), to continue reading please visit the site. Remember to respect the Author & Copyright.

The content below is taken from the original (Microsoft Has Problems as They Work to Improve Office 365 Support), to continue reading please visit the site. Remember to respect the Author & Copyright.

The Challenge of Office 365 Support

A vast variety of organizations use Office 365 from 5-people businesses to the largest multinationals. The experience of the people working in those tenants range from zero IT experience to some of the most experienced technologists. The upshot is that Microsoft receives a massive stream of support requests daily in over 100 languages looking for help with anything from very basic questions to some very deep and specific problems that might take weeks to solve. Microsoft needs to record, work on, and solve all those requests. It is truly a Herculean task.

A team within the Office 365 product organization, called “Satisfy”, is responsible for making the support experience as good as possible for customers. Some of those changes are flowing out to tenants now, but it has been a bumpy ride.

Flawed Switchover for Office 365 Support UI

Over the past few months, several posts appeared in the Microsoft Technical Community to describe problems that people had with Office 365 support. To be fair to Microsoft, any system has a certain volume of ongoing support problems. And the sheer size of Office 365 means that its support load and support issues can be large. Given the scale of Office 365, there are always likely to be some support snafus ongoing at any time.

An April 19 post describes how Microsoft had changed the “support experience” or the UI in the Office 365 Admin Center to allow tenant administrators to file support requests. For some tenants, the change restricted administrators to be able to open no more than a single support request at a time and removed their ability to view open support requests and historical cases.

Anyone who has ever run a moderately large Office 365 tenant knows that it is normal to have multiple open support incidents, some of which stay open for many weeks or even months. Removing this capability, even for a brief time, was not an improvement. Thankfully, you can now log multiple incidents again.

Two weeks after the original post (May 3), Microsoft replied to say that they are updating the support experience (UI) inside Office 365 and that: “For a short time, some customers will not be able to open multiple support tickets or see their support ticket history.“

Poor Support Experiences

Roll forward to July 17 and a response from another user to the original post said that: “I’m sorry but this is by far the biggest fiasco I have ever seen in IT Service Management — ever.” The author also posted a comprehensive note pointing out the flaws in the current Office 365 support experience and recommending that Microsoft use the same support approach as for Azure.

That post focuses in on the lack of knowledge displayed by some first-line Office 365 support engineers: “Finally, while Microsoft justifies that working with one engineer is better because this one engineer (or concierge) “have breadth of knowledge in all services” is wishful thinking to say the least. My experience has proven otherwise. They seem more like 1st level support reps who are often forwarding our queries to the more capable engineers in the background. The resulting experience, at least for me, has been: a) those concierges failing to understand some fundamental technical aspects of the issue at hand; b) confusing issues; c) providing incorrect or insufficient resolutions; and d) taking a significant amount of time to come back with a solution.”

I think some truth is here. The size and diversity of Office 365 is such now that it is very difficult for a support engineer to have more than a passing acquaintance with more than one basic workload (Exchange or SharePoint) and some of the applications. As someone who has run support organizations in my time, I know the problems that exist in hiring, training, and keeping good support personnel, especially those who can cope with ever-changing environments. And Office 365 changes faster and in more ways than any on-premises environment.

A Cloud of Darkness Descends

Clearly Office 365 support ran into stormy waters with the introduction of the new support experience and the quality of the support received by some tenants.

Compounding the problem, apart from replies in the Technical Community, no one from Microsoft cared to explain what the change meant and how the updated support processes change (and improve) what tenants used before. Nothing appeared in the Office Blog and no mention of any change to support is in the Office 365 roadmap.

How Microsoft Wants to Improve Support

I spoke about the issues with the “Satisfy” team, a very committed group within Microsoft dedicated to improving all aspects of support within Office 365. They acknowledge that they have not communicated the change well and that some parts of the experience do not work as well as they should.

Microsoft says they have four goals in changing the way the support UI works inside Office 365:

1. Reducing the friction to open a support ticket.
2. Reducing the time for initial contact from support.
3. Reducing overall time to resolve the issue.
4. Providing self-help that is personalized using telemetry.

The old UI asks administrators to enter some information about the problem (Figure 1) before they can create a service request (support ticket). The UI is straightforward and clear and I do not see much friction. Some administrators might not know what feature is affected or how best to describe a problem, but apart from that, completing the form should not be a problem.

Figure 1: Creating an Office 365 support request the old way (image credit: Tony Redmond)

The new UI (Figure 2) has two tabs. One to create a new service request and the other to look through open service requests or to check the historical record of requests for the tenant.

Searching for Solutions

The immediate thing that strikes you about the new (reduced friction) interface is its demand that the administrator searches for a solution before they click Get Help to file a service request. This is a perfectly acceptable step for a part-time administrator to take because they might not know where to look for help with a problem. However, asking experienced Office 365 Administrators to search for solutions before filing a support request is treating professionals like children, especially as the search only covers solutions found in the support.office.com site. To be fair to Microsoft, the search is not just a document search as it also takes in telemetry that Microsoft has about a tenant.

Figure 2: Creating an Office 365 support request – the new way (image credit: Tony Redmond)

I can appreciate that some people need or want to search for solutions, but when I need help with Office 365, you can bet that I consult the search oracle multiple times to look for a solution and gather the necessary evidence to prove that the problem is real before I go near Microsoft. All I want to do is get to the point where I can log the problem with Microsoft, which is what happens in the old UI. The new UI might be prettier, but it is less effective for experts.

Another annoying feature of the new UI is that it does not allow administrators to upload data relating to a problem to Microsoft when they create a support request. You cannot attach logs, screen shots, documents, or anything else. Thankfully, Microsoft says that they are adding this functionality back.

Greater Use of Tenant Telemetry

Microsoft says that a big advantage of the new UI is the way that incorporates background checking against telemetry data for the tenant to help detect problems and offer solutions. In the example given by Microsoft (Figure 3), an administrator reports that email does not work. A quick check shows that the MX records for the tenant are not configured correctly.

Figure 3: Telemetry finds a problem (image credit: Microsoft)

I see value in trying to resolve inbound service requests quickly and efficiently by using the telemetry and information available to Microsoft about tenant usage and configurations. If this approach stops 5% of potential requests turning into service requests, it will be good for those administrators.

However, I think this approach only works for part-time or not-very-experienced administrators. I also wonder how effective it can be when dealing with problems in integrated applications like Teams, which relies on components drawn from other parts of Office 365.

Apart from not asking administrators to search for solutions, the UI for support requests in the Office 365 Admin mobile app is consistent with the new browser UI.

The Key to Better Support

Microsoft is aware of the need to continue to improve the quality and effectiveness of Office 365 support. Reducing the number of clicks needed to create a support request is good, insofar as it goes, and using machine learning to make sense of tenant telemetry to find problems is intelligent.

I think Microsoft also needs to allow some way for expert administrators to get right to the point when they create a service request to accelerate the problem resolution process. It would also be good to use the telemetry gathered by Microsoft to give administrators regular health reports about their tenants to proactively identify lurking issues.

In terms of a really great support experience for Office 365 tenants, the real impact comes in the back-end where support engineers pick up the problems submitted by customers and work through to resolution. Unless those engineers have the right knowledge, experience, background, and systems, the quality of support will always be inconsistent and unsatisfying.

Follow Tony on Twitter @12Knocksinna.

Want to know more about how to manage Office 365? Find what you need to know in “Office 365 for IT Pros”, the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.

The post Microsoft Has Problems as They Work to Improve Office 365 Support appeared first on Petri.

The content below is taken from the original (Google launches Chrome Enterprise subscription service for Chrome OS), to continue reading please visit the site. Remember to respect the Author & Copyright.

The content below is taken from the original (AWS Cost Explorer Update – Better Filtering & Grouping, Report Management, RI Reports), to continue reading please visit the site. Remember to respect the Author & Copyright.

Our customers use Cost Explorer to better understand and manage their AWS spending, making heavy use of the reporting, analytics, and visualization tools that it provides. We launched Cost Explorer in 2014 with a focus on simplicity – single click signup, preconfigured default views, and a clean user interface (take a look back at The New AWS Cost Explorer to see where we started). The Cost Explorer has been very popular and we’ve received a lot of great feedback from our customers.

Last week we launched a major upgrade to Cost Explorer. We’ve redesigned the user interface to optimize many common workflows including filtering, report management, selection of date ranges, and grouping of data. We have also included some default reports to make it easier for you to explore the costs related to your use of Reserved Instances.

Looking at Cost Explorer
Since pictures are reportedly worth 1000 words, let’s take a closer look! Cost Explorer is part of the Billing Dashboard so I can start there:

Here’s the Billing Dashboard. I click on Cost Explorer to move ahead:

I can open up Cost Explorer or access one of three preconfigured views. I’ll go for the first option:

The default report shows my EC2 costs and usage (running hours) for the past 3 months:

I can use the Group By menu to break the costs down by EC2 instance type:

I have many other grouping options:

The filtering options are now easier to access and to edit. Here’s the full set:

I can explore my EC2 costs in any set of desired regions:

I can filter and then group by instance type to see how my spending breaks down:

I can click on Download CSV and then process the data locally:

I can also exclude certain instance types from the report. Here’s how I exclude my m4.xlarge, t2.micro, and t2.nano usage:

Report Management
Cost Explorer allows me to customize my existing reports and to create new reports from scratch. I can click on Save As to save my customized report with a new name:

I can see and manage all of my reports on the Saved Reports page (The padlock denotes a default report that cannot be edited and then overwritten):

When I click on New report I can start from a template:

After I click on Create Report, I set up my date range and filters as desired, and click on Save As. I created a report that displays my year-to-date usage of several AWS database services (Amazon Redshift, DynamoDB Accelerator (DAX), Amazon Relational Database Service (RDS), and AWS Database Migration Service):

All of my reports are accessible from the Reports menu so I can check on my costs with a click:

We also simplified the process of selecting a range of dates for a report, including options to select common date ranges:

Reserved Instance Reports
Cost Explorer also includes a pair of reports that will help you to understand and optimize your usage of Reserved Instances. I don’t own an RI’s so I used screen shots supplied by the team.

The RI Utilization report allows you to see how much of your purchased RI capacity is being put to use (the dashed red line represents a utilization target that you can specify):

The RI Coverage report tells you how much of your EC2 usage is being handled by Reserved Instances (this time, the dashed red line represents the desired amount of coverage):

I hope you have enjoyed this tour of the updated Cost Explorer. It is available now and you can start using it today!

— Jeff;

The content below is taken from the original (Self-driving truck that’s built to crash comes to Colorado), to continue reading please visit the site. Remember to respect the Author & Copyright.

Tech and automotive companies have quietly been trialing autonomous trucks since 2015. Thus far, these tests (from the likes of Daimler and Uber) have been inconspicuous enough to go unnoticed by other drivers. But, a new kind of driverless truck is designed to stick out like a sore thumb. And, if by chance it ends up serving its purpose, it could make an almighty racket. While you read this, an autonomous impact protection vehicle is making its way around Colorado. You know the type: They’re big, yellow, and tend to be deployed behind road workers to prevent you from crashing into them. One more thing we should mention: They’re designed to take the full brunt of a collision. They do this via a massive metal bumper on the back.

Like other self-driving trucks, this modern safety vehicle takes a traditional body (with subtle mods) and adds autonomous tech to the mix. The software comes from Kratos Defense and Security, a company that specializes in military drones and missile targeting systems. On the road, the truck crawls behind a regular car hooked up to precise GPS. This vehicle emits a signal that the robotruck uses to maintain its speed, position, and heading. On top of that, it uses its own radar to avoid obstacles.

Its goal is to save lives and — by going driverless — it also ends up being even safer. How so? Well, by removing its own driver from the equation. Driving a car that’s designed to crash sounds like an insanely dangerous occupation. Yet, to this day, humans are the ones carrying out this task around the country. That’s something the Colorado Department of Transportation (DOT) is intent on changing. With this trial, the state is now the first to test a connected impact protection vehicle without a support driver at the wheel.

"People often talk about the coming job displacement of automated vehicles…well this is actually one job I want to get people out of," Shailen Bhatt, Colorado DOT’s executive director, told Wired. "The idea that we have a truck thats job is to get hit, with someone sitting in it, well that doesn’t make a lot of sense."

Next up, the aim is to get the vehicle performing other tasks. One day, similar robotrucks could lay down road stripes. If Kratos has its way, they’ll also be utilized as tugs in shipping docks, as garbage trucks, and road sweepers. Not quite as fancy as the concept cars showcased at conventions, but a (quiet) revolution in their own lane.

Source: Wired

The content below is taken from the original (Why your team needs an Azure Stack Operator), to continue reading please visit the site. Remember to respect the Author & Copyright.

The content below is taken from the original (How Azure Security Center aids in detecting good applications being used maliciously), to continue reading please visit the site. Remember to respect the Author & Copyright.

We’ve written in the past about how Azure Security Center helps detect malicious activity on compromised VMs, including a post detailing a Bitcoin mining attack and one on an outbound DDoS attack. In many cases, attackers use a set of malicious tools to carry out these and other actions on a compromised machine. However, our team of security researchers have identified a new trend where attackers are using good application to carry out malicious actions. This blog will discuss the use of known hacker tools and those tools that are not nefarious in nature, but are being used maliciously, and how Azure Security Center aids in detecting their use.

Hacker tools aid in exploitation

Generally, the first category of tools we see after a brute force attack are the Port and IP address scanning tools. Most of these tools were not written maliciously, but because of their ease of use, an attacker can scan IP ranges and ports to find vulnerable machines that they can target.

One of the more frequent port scanning tool that we come across is KportScan 3.1, which has the ability to scan for open ports as well as local ports. It has a wide range of uses, including working with any port as well as individual addresses and IP ranges.  It is multithreaded (1200 flows), consuming very few resources on compromised machines, and the best part is that the tool is free.  After running a scan, results are stored by default to a file called “results.txt”. In the example below, KportScan is configured to return all IP’s with the ranges specified that have port 3389 open to the internet.

Other scanners that we see dropped on machines after they have been compromised include Masscan, xDedicIPScanner, and D3vSpider.  These tend to be less frequent, but are notable.

Masscan claims to be one of the fastest Internet port scanners out there. It proports to scan the entire internet in under 6 minutes with your own network bandwidth being the only gating factor.  While Linux is its primary platform, it does run on many other operating systems including Windows and Mac OS X.  The below command will scan for open ports on 3389 where the subnet range is 104.208.0.0 to 104.215.255.255, which is 512k worth of addresses.  The results will be stored in a XML file called good.xml.

xDedicIPScanner is another port scanner which is based on Masscan. It has many of the same capabilities as Masscan, but does not require a user to learn Linux as it is GUI based.  Some of its features include, scanning of CIDR blocks, automatic loading of country range`s, small foot print, and ability to scan multiple ports or range of ports. It also has some application dependencies to run, they include Winpcap and Microsoft Visual C++ 2010. It also requires Windows 7 or higher. From our observations, xDedicIPScanner appears to be primarily used maliciously. The below example shows a country range being loaded in the tool for scanning.

Finally, Pastebin D3vSpider is also a scanner we’ve seen often. D3vSpider is not a port scanner, instead it scans Pastebin repositories which are popular for storing and sharing text (including stolen passwords, usernames, and network data). The tool’s output is based on the user’s input search criteria, and provides information including user names and their passwords. The example below shows a scan resulting in 745 user names and passwords for a single month, this can then be exported to a txt file for future use, with other tools. For example, it could be used with NLBrute, which is a known RDP Brute Force tool.

Recently, we have begun to see the use of messaging applications being used to drop other malicious and non- malicious tools. The messaging applications are widely used and not malicious in nature. They tend to be cloud-based messaging services, with support for a broad base of devices including both desktop systems and mobile devices. Users of the product can exchange messages, and files of any type with or without end-to-end-encryption, as well as sync the messages across all the user’s devices.  Some of these messaging services even allow messages to be “self-destructed” after delivery, so they are no longer seen on any device. One of the features of these messaging applications is known as “secret” chat. The users exchange encryption keys and after the exchange, they are verified and can then communicate freely without the possibility of being tracked. These features and many more, have made these messaging services a favored addition to some attackers’ tool boxes. 

Their ability to easily drop files on to other machines appears to be one of the main reason attackers use this program. In fact, we started to see the presences of these tool on comprised machines as early as December of 2016.  At first, we dismissed this as coincidence, but after further investigation we started seeing known hacker tools (NLBrute, Dubrute, and D3vSpider) show up on compromised machines after the installation of these messaging applications.

Since, these tools are capable of synchronizing messages across all the user’s devices, anyone that is part of the conversation can at a later time revisit a message to download a file or a picture.

Another method we have seen used is messaging Channels being created for the primary purpose of broadcasting messages to an unlimited number of subscribers. Channels can be either publicly available or private. Public Channels can be joined by anyone. However, for private Channels you need to be added or receive an invite to participate. Due to the encryption that these applications deploy, we see very little activity other than the machine joining a chat Channel, example of what is seen is below:

While the joining to a Channel is of interest, the files that appear on the machine after this is what is most interesting.  These tools range from Crack tools, RDP brute force tools, and encryption tools which allow attackers to hide their traffic and obscure the source IP addresses of their activity. Below is an example of what we saw on a host directly after connecting to a private Channel. 

What’s next:

We’ve presented some of the more frequently seen tools favored by the attackers, and used on virtual machines in Azure. These tools were, for the most part, created for legitimate usage without malicious intent, however, because of their functionality and ease of use, they are now being used maliciously.

While the presence of any one of these tools may not be reason for alarm, a closer look into other factors will help to determine if they are being used maliciously or not. For example, if we see more than one of them on an Azure virtual machine, the likelihood that the machine is compromised is much greater, and further investigation may be required. Seeing the tool’s usage in the context of other activity on the Azure machine is also very important in determining if these tools are being used maliciously. Ian Hellen’s blog on Azure Security Center Context Alerts describes how much of the tedious security investigation work is automated by Security Center and relevant context is provided about what else was happening on the Azure machine during and immediately before suspicious activity is detected. Tools like KportScan, Masscan, XDedicIPScanner, D3vSpider and malicious messaging services will be detected and alerted on by Azure Security Center Context Alerts.

From the number of incidents investigated, the usage of legitimate tools for malicious purposes appears to be an upward trend. In response, the Azure Security Center’s team of analysts, investigators, and developers are continuing to actively hunt and watch for these types of indicators of compromise (many of which are simply not detected by some AV signatures). We currently detect all of these tools discussed in this blog, and as we find more we are adding them to our Azure Security Center detections.

Recommended remediation and mitigation steps

Microsoft recommends investigating the attack campaign via a review of available log sources, host-based analysis, and if needed, forensic analysis to help build a picture of the compromise. In the case of Azure ‘Infrastructure as a Service’ (IaaS) virtual machines (VMs), several features are present to facilitate the collection of data including the ability to attach data drives to a running machine and disk imaging capabilities.

In cases where the victim machine cannot be confirmed clean, or a root cause of the compromise cannot be identified, Microsoft recommends backing up critical data and migrating to a new virtual machine. It is also recommended that the virtual machines are hardened prior to bringing them on line to prevent compromise or re-infection. However, with the understanding that this sometimes cannot be done immediately, we recommend implementing the following remediation steps:

• Review Applications: In cases where there are individual programs that may or may not be used maliciously, it is good practice to review the applications found on the host with the administrators and users. If it is determined that there are applications that may not have been installed by a known user(s), the recommendation would be to take appropriate action, as determined by your administrators.
• Review Azure Security Center Recommendations: Review and address any security vulnerabilities identified by Security Center, including OS configurations that do not align with the recommended rules for the most hardened version of the OS (for example, do not allow passwords to be saved), machines with missing security updates or without antimalware protection, exposed endpoints, and more.
• Defender Scan: Run a full antimalware scan using Microsoft Antimalware or another solution, which can flag potential malware.
• Avoid Use of Cracked Software: Using cracked software introduces unwanted risk of malware and other threats that are associated with pirated software. Microsoft highly recommends not using of cracked software and following legal software policy as recommended by their respective organization.

To learn more about Azure Security Center, see the following:

• Azure Security Center detection capabilities
• Managing and responding to security alerts in Azure Security Center
• Managing security recommendations in Azure Security Center
• Security health monitoring in Azure Security Center
• Monitoring partner solutions with Azure Security Center
• Azure Security Center FAQ

Get the latest Azure security news and information by reading the Azure Security blog.

The content below is taken from the original (What’s driving cloud adoption in 2017?), to continue reading please visit the site. Remember to respect the Author & Copyright.

If you’ve moved your enterprise infrastructure into the cloud, to say you’re not alone is an understatement. In researching our latest infographic, it’s clear that more and more enterprises are adopting cloud models and increasing their spending for cloud technologies. It’s also clear that, as cloud options and models increase, building in-house cloud skills and expertise will be necessary to keep pace with advancing cloud technologies and to optimize ROI. So what’s driving cloud adoption in 2017? In this post, we will address this question and explore how enterprises are adopting cloud frameworks. 

Enterprise cloud adoption continues to rise

“The No. 1 trend is ‘here come the enterprises’,” according to Forrester analyst Dave Bartoletti. 
Forrester reported that, of 1,000 technology decision makers for North American and European enterprise infrastructure, 38% were building private clouds, 32% were building public clouds, and 30% would build some form of cloud in the next 12 months.
Last July, Gartner predicted that $111 billion in IT spending would be redirected away from traditional on-premise technology and invested in the cloud (source: Gartner). This amount is expected to increase to $216 billion by 2020. Gartner’s Ed Anderson, research vice president, said:

“Cloud-first strategies are the foundation for staying relevant in a fast-paced world. The market for cloud services has grown to such an extent that it is now a notable percentage of total IT spending, helping to create a new generation of start-ups and ‘born in the cloud’ providers.”

This shift is also seen in the move to put more IT workloads into the cloud. According to McKinsey & Co., enterprises will make a significant shift from building IT infrastructure to consuming IT. Its “IT as a Service Cloud Survey” reported:

“More large enterprises are likely to move workloads away from traditional and virtualized environments toward the cloud—at a rate and pace that is expected to be far quicker than in the past.”

As more data is produced by a growing number of people, machines, and things, more of it will be moving to the cloud. Cisco thinks that more than 83% of data center traffic will be cloud-based by 2019, and most of this will be in the public cloud (source: Cisco). Cisco also reported that enterprises using the public or private cloud have increased 61% over 2015, with 68% of enterprises using cloud infrastructure for one to two small applications (source: Cisco).

ROI in the enterprise

Among organizations with mature cloud strategies, Cisco reported that “the most ‘cloud advanced’ organizations see an annual benefit per cloud-based application of $3 million in additional revenues and $1 million in cost savings. These revenue increases have been largely the result of sales of new products and services, gaining new customers faster, or the accelerated ability to sell into new markets.”
In its 2017 State of the Cloud report, Interop ITX, respondents to its cloud computing survey reported thatthey had “benefitted greatly” from cloud computing in the following areas:

Greater scalability, better and/or faster access to tech resources, improved performance, expanded geographic reach, and cost savings.

Building in-house cloud expertise is key

Digital technologies are at the heart of some of the most disruptive changes facing companies today, according to reports by both Deloitte and Microsoft. Deloitte notes that while 90% of CEOs believe that digital technologies are driving disruptive change, 70% report that their organization lacks the skills to adapt. This is compounded by the fact that…

skills are becoming obsolete at an accelerating rate and roles such as software engineers “must now redevelop skills every 12-18 months.”

In its survey of 250 UK tech leaders in medium- to large-sized organizations, the Microsoft Cloud Skills Report found that 83% of businesses ranked cloud skills as critical for digital transformation.
A study by IDG pointed out that “enterprise organizations have added new roles and functions to their business including cloud architects/engineers, cloud systems administrators and security architects/engineers” to ensure return on their cloud investments. (source: IDG) 
The 2017 Dice Salary Survey also noted the importance of the cloud on the need for skills:

“The migration from hardware-based storage to cloud storage and the explosion of IoT technologies connecting billions of devices are creating a demand for skills to support these transitions and growth. When industries experience transformation at this level, it creates skills demand and increased salaries.”

Solving the skills gap with training

The Deloitte 2017 Global Human Capital Trends report notes that software engineers typically have to upgrade their skills every 12 to 18 months. The report saw “the issue of improving employee careers and transforming corporate learning” move up from fifth to the second most important trend in the report.
The research indicates that acquiring new skills and upskilling existing staff has never been more important.
The Microsoft report noted that 60% of companies are choosing to train existing employees, while 53% anticipate using external training providers and 46% will be looking to hire outside professionals with cloud skills. Workforce solutions provider ManpowerGroup’s U.S. Talent Shortage Survey 2016/2017 found that nearly half of employers are using training programs with existing personnel to augment open positions.
Check out the full Cloud Computing in 2017 infographic in this post.

The content below is taken from the original (What GDPR means to Office 365), to continue reading please visit the site. Remember to respect the Author & Copyright.

GDPR Affects All European Businesses

From May 25, 2018, companies with business operations inside the European Union must follow the General Data Protection Regulations (GDPR) to safeguard how they process personal data “wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system.” The penalties set for breeches of GDPR can be up to 4% of a company’s annual global turnover. For companies like Microsoft that have operations within the EU, making sure that IT systems do not contravene GDPR is critical. And as we saw on August 3, even the largest software operations like Office 365 can have a data breach.

Because many applications can store data that might come under the scope of GDPR, the regulation has a considerable influence over how tenants deal with personal data. The definition of personal data is “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

GDPR goes on to define processing of personal data to be “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.”

In effect, individuals have the right to ask companies to tell them what of their personal data a company holds, to correct errors in their personal data, or to erase that data completely. Companies need to know what personal data they hold, make sure that they obtain consents from people to store that data, protect the data, and notify authorities if data breaches occur.

On first reading, this might sound like what companies do – or at least try to do – today. The difference lies in the strength of the regulation and the weight of the penalties should anything go wrong. In other words, GDPR deserves your attention.

Putting GDPR into Context

The definitions used by GDPR are quite broad. To move from the theoretical to practicality, an organization needs to understand what personal data it holds for its business operations and where they use the data within software applications. However, it is easy to imagine examples of where personal information might be inside Office 365 applications, including:

• Annual reviews written about employees stored in a SharePoint or OneDrive for Business site.
• A list of applicants for a position in an Excel worksheet attached to an email message.
• Tables holding data (names, employee numbers, hire dates, salaries) about employees in SharePoint sites.

Other examples might include contract documentation, project files that includes someone’s personal information, and so on.

Data Governance Helps

Fortunately, the work done inside Office 365 in the areas of data governance and compliance help tenants to satisfy the requirements of GDPR. These features include:

• Classification labels and policies to mark content that holds personal data.
• Auto-label policies to find and classify personal data as defined by GDPR. Retention processing can then remove items stamped with the GDPR label from mailboxes and sites after a defined period, perhaps after going through a manual disposition process.
• Content searches to find personal data marked as coming under the scope of GDPR.
• Alert policies to detect actions that might be violations of the GDPR such as someone downloading multiple documents over a brief period from a SharePoint site that holds confidential documentation.
• Searches of the Office 365 audit log to discover and report potential GDPR issues.
• Azure Information Protection labels to encrypt documents and spreadsheets holding personal data by applying RMS templates so that unauthorized parties cannot read the documents even if they leak outside the organization.

Let’s explore some of the technology that exists today within Office 365 that can help with GDPR.

Using Classification Labels

As mentioned above, you can create a classification label to mark personal data coming under the scope of GDPR and then apply that label to relevant content. If you have Office 365 E5 licenses, you can create an auto-label policy to stamp the label on content in Exchange, SharePoint, and OneDrive for Business found because documents and messages hold sensitive data types known to Office 365.

Figure 1 shows how to select from the set of sensitive data types available in Office 365. The set is growing steadily as Microsoft adds new definitions. At the time of writing, 82 types were available, 31 of which are obvious candidates to use in a policy because they are for sensitive data types such as country-specific identity cards or passports.

Figure 1: Selecting personal data types for an auto-label policy (image credit: Tony Redmond)

Figure 2 shows the full set of sensitive data types that I selected for the policy. You can also see that the policy applies a label called “GDPR personal data” to any content found in the selected locations that matches any of the 31 data types. Auto-apply policies can cover all Exchange mailboxes and SharePoint and OneDrive for Business sites in a tenant – or a selected sub-set of these locations.

Figure 2: The full set of personal data types for a GDPR policy (image credit: Tony Redmond)

Using classification labels to mark GDPR content has another benefit in that you can search for this content using the ComplianceTag keyword (for instance, ComplianceTag:”GDPR personal data”).

It can take up to a full week before auto-label policies apply to all locations. In addition, an auto-label policy will not overwrite a label that already exists on an item. These are small issues. The big problem here is that classification labels only cover some of Office 365. Some examples of popular applications where you cannot use labels are:

• Teams.
• Planner.
• Yammer.

Microsoft has plans to expand the Office 365 data governance framework to other locations (applications) over time. Given the interest in GDPR, hopefully some or all of the locations mentioned above will support data governance by May 2018.

Right of Erasure

Finding GDPR data solves one problem. A further challenge is posed by article 17 of GDPR (the “right of erasure”), which says: “The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay.” In other words, someone has the right to demand that an organization should erase any of their personal data that exists within the company’s records. Content searches can find information about someone using their name, employee number, or other identifiers as search keywords, but erasing the information is something that probably needs manual processing to ensure that the tenant removes the right data and just that data.

You can find and then remove documents and other items holding someone’s name or another identifier belonging to them using tools such as Exchange’s venerable Search-Mailbox cmdlet or Office 365 content searches. However, if the data is on-hold because the company needs to keep items for regulatory or legal purposes, can you then go ahead and remove the items? Remember that the purpose of placing content on-hold is to ensure that no-one, including administrators, can remove that information from Exchange or SharePoint.

The GDPR requirement to erase data on request means that administrators might have to release holds placed on Exchange, SharePoint, and OneDrive for Business locations to remove the specified data. But once you release a hold, you weaken the argument that held data is immutable. The danger exists that background processes or users can then remove or edit previously-held data and so undermine a company’s data governance strategy.

The strict reading of GDPR appears to leave no doubt that organizations must process requests to erase personal data upon request. But what if the company needs to keep some of the data to satisfy regulations governing financial transactions or other interactions? This is not something that IT can solve. Lawyers will have to interpret requests and understand the consequences before making decisions and it is likely that judges will have to decide some test cases in different jurisdictions before full clarity exists.

Hybrid is More Difficult

No doubt exists that Microsoft is working to help Office 365 tenants with GDPR. However, not quite the same effort is going to help on-premises customers. Some documentation exists to deal with certain circumstances (like how to remove messages held in Recoverable Items), but the feeling I have picked up is that on-premises customers feel they have to figure things out for themselves.

In some respects, this is understandable. After all, every on-premises deployment is slightly different and exists inside specific IT environments. Compared to the certainty of Office 365, developing software for on-premises deployment must take the foibles of individual customers into account.

On-premises software is more flexible, but it is also more complicated. Developing solutions to help on-premises customers deal with GDPR might be more of a challenge than Microsoft wants to take on now, especially given their focus of moving everything to the cloud.

Solutions like auto-label; policies are unavailable for on-premises servers. Those running on-premises SharePoint and Exchange systems must therefore come up with their own ways to help the businesses that they serve deal with personal data in a manner that respects GDPR.

SharePoint Online GitHub Hub

If you work with SharePoint Online, you might be interested in the SharePoint GDPR Activity Hub. At present, work is only starting, but it is a nice way to share information and code with similarly-liked people.

ISV Initiatives

Every week I seem to receive an announcement about an ISV-sponsored white paper on GDPR and how their technology can help companies cope with the new regulations (here is an example from Forcepoint). There is no doubt that these white papers are valuable, if only for the introduction and commentary by experts that the papers usually feature. But before you resort to an expensive investment, ask yourself whether the functionality available in Office 365 is enough. If not, then look at the ISV offerings more closely.

Technology Only Part of the Solution

GDPR will effect Office 365 because it will make any organization operating in the European Union aware of new responsibilities to protect personal data. However, technology seldom solves problems on its own. The nature of regulations like GDPR is that training and preparation are as important if not more important than technology to ensure that users recognize and properly deal with personal data in their day-to-day activities. You can deploy Office 365 features to support users in their work, but do not expect Office 365 to be a silver bullet for GDPR.

Follow Tony on Twitter @12Knocksinna.

Want to know more about how to manage Office 365? Find what you need to know in “Office 365 for IT Pros”, the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.

The post What GDPR means to Office 365 appeared first on Petri.

The content below is taken from the original (When is a Barracuda not a Barracuda? When it’s really AWS S3), to continue reading please visit the site. Remember to respect the Author & Copyright.

Barracuda’s backup appliances can now replicate data to Amazon’s S3 cloud silos.

According to the California-based outfit, its backup appliance is now available in three flavors:

• On-premises physical server
• On-premises virtual server
• In-cloud virtual server

Barracuda backup schematic

Data can be backed up from Office 365, physical machines, and virtual machines running in Hyper-V or VMware systems, to an appliance. This box can then replicate its backups to a second appliance, typically at a remote site, providing a form of disaster recovery, or send the data to S3 buckets in AWS. For small and medium businesses with no second data centre, replicating to Amazon’s silos provides an off-site protection resource.

Barracuda’s customers, resellers and managed services providers can add this replicate-to-Amazon option to their Barracuda product set. Users don’t have to deploy compute processes inside AWS or become AWS infrastructure experts; Barracuda taking care of that side of things, apparently. The biz provides the backend service, which piggybacks on AWS, and your boxes connect to it.

Barracuda Backup replication to AWS is available now in North America, with worldwide deployment expected to be rolled out in the coming months. ®

Sponsored:
The Joy and Pain of Buying IT – Have Your Say